Description
An elevation of privilege vulnerability exists when Microsoft Outlook does not validate attachment headers properly, aka "Microsoft Outlook Elevation of Privilege Vulnerability." This affects Microsoft Office, Microsoft Outlook.
References (3)
Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1041107
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/104323
Patch, Vendor Advisory x_refsource_confirm
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8244
Scores
CVSS v3
6.5
EPSS
0.0485
EPSS Percentile
91.0%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
Details
CWE
CWE-20
Status
published
Products (5)
microsoft/office
2016
microsoft/outlook
2010 sp2
microsoft/outlook
2013 sp1
microsoft/outlook
2016
microsoft/outlook_rt
2013 sp1
Published
Jun 14, 2018
Tracked Since
Feb 18, 2026